Tutorials

Using the variable function
This tutorial will explain how to use the variable function within EventSentry

Encrypting traffic with the built-in PostgreSQL Database
Encrypt traffic between EventSentry and the built-in PostgreSQL database

Email notification when user logs on via remote desktop
This tutorial will walk you through setting up an include filter to receive an email when a user logs on using RDP.

Event Log Filters
An introduction to event log filters in EventSentry

How to add an exclude/include filter
One of the most powerful aspects of EventSentry is its event filtering capabilities. This tutorial helps you understand different ways to configure these filters.

Delimited Log File Monitoring
When using the powerful options in EventSentry to monitor your Windows servers and workstations, you are not limited to the information in the event logs. Log File Monitoring lets you monitor every log file on your machines, allowing for alerts and detailed reporting in the web reports.

Using Filter Text to match specific events
The Filter Rules Test Utility makes testing your rules a lot easier. Instead of waiting for the event to occur, we can now generate it and see a list of all filters that will match that event. This tutorial illustrates core concepts of EventSentry.

How to use Service Monitoring
This tutorial will walk you through the Service Monitoring aspect of EventSentry by setting up an email notification when a specific service changes status.

Consolidating information to the EventSentry database
This tutorial will show you how to create a database, add the appropriate tables and user accounts, and configure EventSentry to log information. If you set up an MSSQL or MySQL database with the installer, then you will not need to take the following steps, but this information may help you gain a greater understanding of EventSentry.

Remote Update Utility
This tutorial will walk you through the steps required to automatically update the configuration every night. We will demonstrate creating a batch script and setting up a Windows Scheduled Task.

Using Filter Timers
Filter Timers give you the ability to ignore events if they are followed by a specific event within a certain time period. For example, you probably want to be notified when a server goes offline for more than 5 minutes, but it might be OK if the server comes back online after 2 minutes.

Using Logon/Logoff Tracking
The Logon/Logoff feature in EventSentry can provide you with a great deal of information about user logons. For example, you can view which users are logged on via Terminal Services or which users are logging on to your domain controller.


Tutorial Archive